Goodreads helps you keep track of books you want to read.
Start by marking “Secrets and Lies: Digital Security in a Networked World” as Want to Read:
Secrets and Lies: Digital Security in a Networked World
Enlarge cover
Rate this book
Clear rating
Open Preview

Secrets and Lies: Digital Security in a Networked World

3.95 of 5 stars 3.95  ·  rating details  ·  1,083 ratings  ·  48 reviews
Viruses. Identity Theft. Corporate Espionage. National secrets compromised. Can anyone promise security in our digital world?

The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product – one that syste
Paperback, Second Edition, 401 pages
Published January 30th 2004 by John Wiley & Sons (first published 2000)
more details... edit details

Friend Reviews

To see what your friends thought of this book, please sign up.

Reader Q&A

To ask other readers questions about Secrets and Lies, please sign up.

Be the first to ask a question about Secrets and Lies

Security Engineering by Ross J. AndersonSecrets and Lies by Bruce SchneierIntroduction to Security and Applied Cryptography by Bruce SchneierThe Practice of Network Security Monitoring by Richard BejtlichThe Art of Deception by Kevin D. Mitnick
Information Security
2nd out of 68 books — 15 voters
Secrets and Lies by Bruce SchneierThe Art of Intrusion by Kevin D. MitnickThe Cuckoo's Egg by Clifford StollThis Machine Kills Secrets by Andy GreenbergFree Culture by Lawrence Lessig
Cyber Self Defense Reading List
1st out of 23 books — 9 voters

More lists with this book...

Community Reviews

(showing 1-30 of 2,711)
filter  |  sort: default (?)  |  rating details
Rick Howard
Read full review at my blog:
See Cyber Security Canon Candidate List:

"Secrets and Lies: Digital Security in a Networked World" is the perfect book to hand to new bosses or new employees coming in the door who have not been exposed to cyber security in their past lives. It is also the perfect book for seasoned security practitioners who want an overview of the key issues facing our community today. Schneier wrote it
Ed Holden
I've wanted to read a Bruce Schneier book for a long time and this particular one was well rated. I might have confused it with the similarly named Liars and Outliers, which came out much more recently. What I didn't realize when I bought Secrets and Lies it is that Schneier published it in 2000, so it's both an insightful look at computer security practices and a trip down foggy memory lane.

Most of the advice in this book is still perfectly valid, like the importance of intrusion detection in a
I'm a technology end-user, deluged with acceleratingly frequent news reports of large corporations getting hacked, have recently been using my internet banking passcode generator, and occasionally placing basic htaccess security on my websites.

Thus, increasingly aware that security isn't to be left solely to experts who run the banking systems and data storage and transfer facilities- even casual users need an understanding of the premises on which they're built, and are responsible for correct
Slightly dated, but still a very good book that gives a reader who is uninitiated/unfamiliar with information security a clear idea about what information security actually is, how it affects us all (as a generation of humans connected by internet), how to protect information systems and tactics criminals use to break those systems (from malware to social engineering). The book is written in language the average person can understand and really provides an eye opening look at the role cryptology ...more
Jonathan Katz
time to update my review given that i am now finished!

one thing that slightly annoyed me while i was reading the book was that it did not appear that schneier was offering any solutions to the problems that he was presenting in information security. but, after a certain point, that is when i realized: there really are no clear-cut solutions. as schneier emphasizes throughout the book, security is a process, not a solution. there is no generally algorithm for applying a security process; it reall
Secrets and Lies is a non-technical , non-mathematical book that deals with the "social" , & practical day-to-day aspects of hacking and security breach and violations. The book explains the hows and whys of hackings and its consequences. It explains the different types of cyber crimes i.e. identity thefts, ATM thefts, etc. and explores the causes of each in a different viewpoint than just code flaws or weak algorithms. It focuses specially on the Social Engineering aspect, the fallibility o ...more
An excellent overview of what digital security is all about. Many people equate it with firewalls and encryption, based on poor news stories among other things, but that's only a small facet of what real security is. This book covers security from a much larger perspective.

What most surprised me, while reading this in 2013, is how prescient this book turned out to be. Originally written between 1998 and 2000, it anticipated the numerous challenges our industry has faced since then. It feels very
Michael Shea
I would have rated this book higher, but I bogged down about 2/3 through and put the book down for about two years. I picked it up again this week and wondered why I did not keep going. Though I cannot remember much about what I read two years ago, the last part of the book is his revelation about thinking about security. When I read it now, I am like, "of course". But he "vocalizes" the thoughts in a clear way, stating the unstated.
Nick Black
The second star is solely due to Schneier sending me this book in a nice signed hardback edition -- at 24, such things are a fine trouser-rouse. That having been said...sorry mang, but I certainly wouldn't have paid for it. I kind of imagine him with a blissful look on his face, eyes tightly drawn, visions of Counterpane Security profits dancing in his head as he builds towards an eruptive....well, you'll have to read Secrets and Lies yourself. But don't take my animadversion for it, or else y ...more
I liked it.
It tries to keep a very difficult balance between being informing enough for anyone and interesting enough for experts.
It doesn't always succeed.
Also some parts are a little outdated.
Still is a good work, very well explained and narrated, with a lot of concepts from which you'll always learn, regardless of your technical level.
A classic in the field.
So far, I believe this book is the best resource to motivate readers to learn computer security. Written like those non-fictions (instead of textbooks), this book is appropriate to be read by anyone who would like to know about computer security.

The author tried to convince that computer security is a need instead of merely theory. He presented few examples of cases that worth reading. Those examples are firstly presented in human view, then he linked up to some relevant theories. He rarely put
The INFOSEC book by the INFOSEC guy. Also pretty accessible to people outside the field, so if you've got even a passing interest in all this computer security stuff, this is the place to start.
School books are fun!!! Actually they are, when dealing with a topic you particularly like. Which I do in this case, so that wasn't a sarcastic statement. So there. Feel bad now?
Alright, now to be serious. I am currently taking this book for a Cyber Self Defense class. As one reviewer mentioned, it is outdated but the information in this book is still very useful. It covers a huge range of topics and is still considered required reading for any Info Security professional. This wasn't the
This is a great overview of computer security from a literal legend in the area. Written for a non-tech audience, the material becomes easier to grasp with examples and situations people are already familiar with. Towards the end I found that the author almost intentionally used at least one '$10 word' per page and I wonder if that is intentional (like a book code). Regardless I finished this book regardless of dropping it in a muddy puddle. Highly recommended though you'll be stuck with dead-tr ...more
Nabil Saba
is fun & AMZEING TOO
Xiaofei Guo
This book discussed a variety of security and privacy concerns. All of them are still prominent in today's threat landscape. I am surprise to see that Bruce's insight more than 15 years ago still holds today. This book can be a good introduction book for Ross Anderson's security engineering.
Although some elements are a bit dated now, I found a style within Schneier's book that was one of the most approachable and "no nonsense" that I've ever experienced -- especially for a technical topic. Schneier places some sound logic and serious thinking behind questions concerning the basis for security how's and why's.
Eric Durant
I recommend reading the more recent Schneier books first, but this one remains amazingly relevant in 2013. The few examples that are dated often serve the probably unintended purpose of appreciating the constancy of the fundamentals. This will be required reading in my 2014 information security elective offering.
Tengku Zahasman
Although a bit outdated, many of its contents are still relevant today. It covers computer security in a very broad and general sense. It is quite obvious from the writings that the author is very passionate about cryptography. Just in case you're wondering, there's not many secrets and lies in this book.
Great common-sense approach to security. He has a very down to earth perspective on what can be a very complicated subject. My favorite tenet he constantly emphasizes is not to trust that an impenetrable front door will prevent attackers from finding a way to bypass the door to get a way in.
This is a great, comprehensive book on information security. Sometimes I felt like it was a heavy read. But, Schneier uses effective stories to help it move along. I'm glad I read it; however, I wouldn't read it unless you want to really learn about info sec.
Josh Scholl
An excellent book that explores the principles of digital security from a perspective that is easily accessible to an intelligent layperson and yet highly useful to an experienced IT Professional. I thoroughly recommend this book to anyone who owns a computer.
Прекрасная книга про безопасность, пусть и немного устаревшая. Автор чётко структурирует информацию. Читать нужно медленно и вдумчиво, потому что в ней совсем нет воды.
Мне особенно была интересна глава про инфраструктуры открытых ключей.
Anthony Towry
This book is seriously dated. That said, if you weren't there during the late 90's it might explain some things. I wouldn't recommend this for the salty dogs of the industry, but students or interns could benefit from a high-level wide-angle view.
Good use of language and phrases. Thought-provoking. One has to wonder how many times the word "detection" was used from a guy in the detection business though!
Overall, I was glad I read this book.
"The starting point for anyone interested in computer security. The book is a classic and has many imitations. Schneier is brilliant and is still a leading luminary in the world of security."
Written so that anyone can understand. Helped me understand the difficulty of ensuring digital security. Full of interesting stories that happened behind the scenes. I recommend everyone read it.
Eugene Seliverstov
Большая и методичная популярно-научная книга, с кучей Шнейерских баек, но в наше время её читать можно только как артефакт, слишком далёкий от современной цифровой безопасности (1999 год).
Tudor Ștefănescu
Aug 20, 2015 Tudor Ștefănescu rated it 4 of 5 stars
Recommended to Tudor by:
Very good introduction into digital security concepts, actors and politics.
« previous 1 3 4 5 6 7 8 9 90 91 next »
There are no discussion topics on this book yet. Be the first to start one »
  • Practical Cryptography
  • Reversing: Secrets of Reverse Engineering
  • Security Engineering: A Guide to Building Dependable Distributed Systems
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • Metasploit: The Penetration Tester's Guide
  • Hacking the Xbox: An Introduction to Reverse Engineering
  • Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age
  • The Implementation (TCP/IP Illustrated, Volume 2)
  • Hacking: The Art of Exploitation
  • The Hacker Crackdown: Law and Disorder on the Electronic Frontier
  • The Protocols (TCP/IP Illustrated, Volume 1)
  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
  • Writing Secure Code
  • Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet
  • The Best of 2600: A Hacker Odyssey
  • The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
  • Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses
  • The Tangled Web: A Guide to Securing Modern Web Applications
Bruce Schneier is "one of the world's foremost security experts" (Wired) and the best-selling author of thirteen books. He speaks and writes regularly for major media venues, and his newsletter and blog reach more than 250,000 people worldwide. He is a Fellow at the Berkman Center for Internet and Society at Harvard Law School and the CTO of Resilient Systems, Inc.
More about Bruce Schneier...
Applied Cryptography: Protocols, Algorithms, and Source Code in C Liars and Outliers: Enabling the Trust that Society Needs to Thrive Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World Beyond Fear: Thinking Sensibly about Security in an Uncertain World Schneier on Security

Share This Book